Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/gitlab@15.2.0-1
Typealpm
Namespacearchlinux
Namegitlab
Version15.2.0-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version15.2.1-1
Latest_non_vulnerable_version15.2.1-1
Affected_by_vulnerabilities
0
url VCID-1t9u-drzk-5ffz
vulnerability_id VCID-1t9u-drzk-5ffz
summary A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1. A stored XSS flaw in job error messages allows attackers to perform arbitrary actions on behalf of victims at client side.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2500
reference_id
reference_type
scores
0
value 0.00254
scoring_system epss
scoring_elements 0.48843
published_at 2026-04-18T12:55:00Z
1
value 0.00254
scoring_system epss
scoring_elements 0.48768
published_at 2026-04-02T12:55:00Z
2
value 0.00254
scoring_system epss
scoring_elements 0.48794
published_at 2026-04-04T12:55:00Z
3
value 0.00254
scoring_system epss
scoring_elements 0.48748
published_at 2026-04-07T12:55:00Z
4
value 0.00254
scoring_system epss
scoring_elements 0.48802
published_at 2026-04-21T12:55:00Z
5
value 0.00254
scoring_system epss
scoring_elements 0.48799
published_at 2026-04-09T12:55:00Z
6
value 0.00254
scoring_system epss
scoring_elements 0.48816
published_at 2026-04-11T12:55:00Z
7
value 0.00254
scoring_system epss
scoring_elements 0.4879
published_at 2026-04-24T12:55:00Z
8
value 0.00254
scoring_system epss
scoring_elements 0.48798
published_at 2026-04-13T12:55:00Z
9
value 0.00254
scoring_system epss
scoring_elements 0.48847
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2500
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2500
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1t9u-drzk-5ffz
1
url VCID-3szm-mdpf-6ua7
vulnerability_id VCID-3szm-mdpf-6ua7
summary An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab was returning contributor emails due to improper data handling in the Datadog integration.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2534
reference_id
reference_type
scores
0
value 0.00215
scoring_system epss
scoring_elements 0.43968
published_at 2026-04-24T12:55:00Z
1
value 0.00215
scoring_system epss
scoring_elements 0.44056
published_at 2026-04-02T12:55:00Z
2
value 0.00215
scoring_system epss
scoring_elements 0.44079
published_at 2026-04-11T12:55:00Z
3
value 0.00215
scoring_system epss
scoring_elements 0.4401
published_at 2026-04-07T12:55:00Z
4
value 0.00215
scoring_system epss
scoring_elements 0.44062
published_at 2026-04-08T12:55:00Z
5
value 0.00215
scoring_system epss
scoring_elements 0.44064
published_at 2026-04-09T12:55:00Z
6
value 0.00215
scoring_system epss
scoring_elements 0.44047
published_at 2026-04-12T12:55:00Z
7
value 0.00215
scoring_system epss
scoring_elements 0.44031
published_at 2026-04-13T12:55:00Z
8
value 0.00215
scoring_system epss
scoring_elements 0.44092
published_at 2026-04-16T12:55:00Z
9
value 0.00215
scoring_system epss
scoring_elements 0.44083
published_at 2026-04-18T12:55:00Z
10
value 0.00215
scoring_system epss
scoring_elements 0.44017
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2534
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2534
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3szm-mdpf-6ua7
2
url VCID-92x8-rmhg-zuh6
vulnerability_id VCID-92x8-rmhg-zuh6
summary An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using other user's email address as an unverified secondary email.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2326
reference_id
reference_type
scores
0
value 0.00245
scoring_system epss
scoring_elements 0.47788
published_at 2026-04-24T12:55:00Z
1
value 0.00245
scoring_system epss
scoring_elements 0.47777
published_at 2026-04-02T12:55:00Z
2
value 0.00245
scoring_system epss
scoring_elements 0.47796
published_at 2026-04-12T12:55:00Z
3
value 0.00245
scoring_system epss
scoring_elements 0.47745
published_at 2026-04-07T12:55:00Z
4
value 0.00245
scoring_system epss
scoring_elements 0.478
published_at 2026-04-08T12:55:00Z
5
value 0.00245
scoring_system epss
scoring_elements 0.47795
published_at 2026-04-09T12:55:00Z
6
value 0.00245
scoring_system epss
scoring_elements 0.4782
published_at 2026-04-11T12:55:00Z
7
value 0.00245
scoring_system epss
scoring_elements 0.47806
published_at 2026-04-21T12:55:00Z
8
value 0.00245
scoring_system epss
scoring_elements 0.4786
published_at 2026-04-16T12:55:00Z
9
value 0.00245
scoring_system epss
scoring_elements 0.47853
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2326
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2326
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92x8-rmhg-zuh6
3
url VCID-9cvy-mzhc-ukhu
vulnerability_id VCID-9cvy-mzhc-ukhu
summary An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. A malicious developer could exfiltrate an integration's access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2497
reference_id
reference_type
scores
0
value 0.0159
scoring_system epss
scoring_elements 0.81693
published_at 2026-04-24T12:55:00Z
1
value 0.0159
scoring_system epss
scoring_elements 0.81577
published_at 2026-04-02T12:55:00Z
2
value 0.0159
scoring_system epss
scoring_elements 0.81598
published_at 2026-04-04T12:55:00Z
3
value 0.0159
scoring_system epss
scoring_elements 0.81596
published_at 2026-04-07T12:55:00Z
4
value 0.0159
scoring_system epss
scoring_elements 0.81623
published_at 2026-04-08T12:55:00Z
5
value 0.0159
scoring_system epss
scoring_elements 0.81629
published_at 2026-04-13T12:55:00Z
6
value 0.0159
scoring_system epss
scoring_elements 0.81649
published_at 2026-04-11T12:55:00Z
7
value 0.0159
scoring_system epss
scoring_elements 0.81636
published_at 2026-04-12T12:55:00Z
8
value 0.0159
scoring_system epss
scoring_elements 0.81667
published_at 2026-04-16T12:55:00Z
9
value 0.0159
scoring_system epss
scoring_elements 0.81666
published_at 2026-04-18T12:55:00Z
10
value 0.0159
scoring_system epss
scoring_elements 0.8167
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2497
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2497
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9cvy-mzhc-ukhu
4
url VCID-hd2f-p7zx-vqcp
vulnerability_id VCID-hd2f-p7zx-vqcp
summary An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. Membership changes are not reflected in TODO for confidential notes, allowing a former project members to read updates via TODOs.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2512
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31331
published_at 2026-04-24T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31655
published_at 2026-04-02T12:55:00Z
2
value 0.00123
scoring_system epss
scoring_elements 0.31699
published_at 2026-04-04T12:55:00Z
3
value 0.00123
scoring_system epss
scoring_elements 0.31517
published_at 2026-04-07T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.3157
published_at 2026-04-08T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.316
published_at 2026-04-09T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31605
published_at 2026-04-11T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.31563
published_at 2026-04-12T12:55:00Z
8
value 0.00123
scoring_system epss
scoring_elements 0.31526
published_at 2026-04-13T12:55:00Z
9
value 0.00123
scoring_system epss
scoring_elements 0.31559
published_at 2026-04-16T12:55:00Z
10
value 0.00123
scoring_system epss
scoring_elements 0.31537
published_at 2026-04-18T12:55:00Z
11
value 0.00123
scoring_system epss
scoring_elements 0.31504
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2512
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2512
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hd2f-p7zx-vqcp
5
url VCID-hfyr-23g4-y7e5
vulnerability_id VCID-hfyr-23g4-y7e5
summary An improper access control check in GitLab CE/EE affecting all versions starting from 13.7 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious authenticated user to view a public project's Deploy Key's public fingerprint and name when that key has write permission. Note that GitLab never asks for nor stores the private key.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2095
reference_id
reference_type
scores
0
value 0.00581
scoring_system epss
scoring_elements 0.6898
published_at 2026-04-24T12:55:00Z
1
value 0.00581
scoring_system epss
scoring_elements 0.6885
published_at 2026-04-02T12:55:00Z
2
value 0.00581
scoring_system epss
scoring_elements 0.68871
published_at 2026-04-04T12:55:00Z
3
value 0.00581
scoring_system epss
scoring_elements 0.68851
published_at 2026-04-07T12:55:00Z
4
value 0.00581
scoring_system epss
scoring_elements 0.68901
published_at 2026-04-08T12:55:00Z
5
value 0.00581
scoring_system epss
scoring_elements 0.68919
published_at 2026-04-09T12:55:00Z
6
value 0.00581
scoring_system epss
scoring_elements 0.68942
published_at 2026-04-11T12:55:00Z
7
value 0.00581
scoring_system epss
scoring_elements 0.68928
published_at 2026-04-12T12:55:00Z
8
value 0.00581
scoring_system epss
scoring_elements 0.68899
published_at 2026-04-13T12:55:00Z
9
value 0.00581
scoring_system epss
scoring_elements 0.68939
published_at 2026-04-16T12:55:00Z
10
value 0.00581
scoring_system epss
scoring_elements 0.6895
published_at 2026-04-18T12:55:00Z
11
value 0.00581
scoring_system epss
scoring_elements 0.68929
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2095
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2095
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hfyr-23g4-y7e5
6
url VCID-mbnw-5r9b-mybe
vulnerability_id VCID-mbnw-5r9b-mybe
summary An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed a project member to filter issues by contact and organization.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2539
reference_id
reference_type
scores
0
value 0.0019
scoring_system epss
scoring_elements 0.40681
published_at 2026-04-24T12:55:00Z
1
value 0.0019
scoring_system epss
scoring_elements 0.40868
published_at 2026-04-02T12:55:00Z
2
value 0.0019
scoring_system epss
scoring_elements 0.40895
published_at 2026-04-04T12:55:00Z
3
value 0.0019
scoring_system epss
scoring_elements 0.40822
published_at 2026-04-07T12:55:00Z
4
value 0.0019
scoring_system epss
scoring_elements 0.40872
published_at 2026-04-08T12:55:00Z
5
value 0.0019
scoring_system epss
scoring_elements 0.40878
published_at 2026-04-09T12:55:00Z
6
value 0.0019
scoring_system epss
scoring_elements 0.40894
published_at 2026-04-11T12:55:00Z
7
value 0.0019
scoring_system epss
scoring_elements 0.4086
published_at 2026-04-12T12:55:00Z
8
value 0.0019
scoring_system epss
scoring_elements 0.4084
published_at 2026-04-13T12:55:00Z
9
value 0.0019
scoring_system epss
scoring_elements 0.40884
published_at 2026-04-16T12:55:00Z
10
value 0.0019
scoring_system epss
scoring_elements 0.40854
published_at 2026-04-18T12:55:00Z
11
value 0.0019
scoring_system epss
scoring_elements 0.40775
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2539
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2539
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbnw-5r9b-mybe
7
url VCID-mrtq-9dj4-a7bf
vulnerability_id VCID-mrtq-9dj4-a7bf
summary A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2307
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24545
published_at 2026-04-24T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.24776
published_at 2026-04-02T12:55:00Z
2
value 0.00085
scoring_system epss
scoring_elements 0.24814
published_at 2026-04-04T12:55:00Z
3
value 0.00085
scoring_system epss
scoring_elements 0.24589
published_at 2026-04-07T12:55:00Z
4
value 0.00085
scoring_system epss
scoring_elements 0.24657
published_at 2026-04-08T12:55:00Z
5
value 0.00085
scoring_system epss
scoring_elements 0.24705
published_at 2026-04-09T12:55:00Z
6
value 0.00085
scoring_system epss
scoring_elements 0.24718
published_at 2026-04-11T12:55:00Z
7
value 0.00085
scoring_system epss
scoring_elements 0.24678
published_at 2026-04-12T12:55:00Z
8
value 0.00085
scoring_system epss
scoring_elements 0.24621
published_at 2026-04-13T12:55:00Z
9
value 0.00085
scoring_system epss
scoring_elements 0.24634
published_at 2026-04-16T12:55:00Z
10
value 0.00085
scoring_system epss
scoring_elements 0.24623
published_at 2026-04-18T12:55:00Z
11
value 0.00085
scoring_system epss
scoring_elements 0.24601
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2307
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2307
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mrtq-9dj4-a7bf
8
url VCID-tv9d-9wvu-rfdg
vulnerability_id VCID-tv9d-9wvu-rfdg
summary An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for group members to bypass 2FA enforcement enabled at the group level by using Resource Owner Password Credentials grant to obtain an access token without using 2FA.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2303
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.37885
published_at 2026-04-24T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38229
published_at 2026-04-02T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38252
published_at 2026-04-04T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38122
published_at 2026-04-07T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38172
published_at 2026-04-08T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.3818
published_at 2026-04-09T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38198
published_at 2026-04-11T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38163
published_at 2026-04-12T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38139
published_at 2026-04-13T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38184
published_at 2026-04-16T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38166
published_at 2026-04-18T12:55:00Z
11
value 0.00169
scoring_system epss
scoring_elements 0.38101
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2303
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2303
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tv9d-9wvu-rfdg
9
url VCID-tzw9-uffa-9ycy
vulnerability_id VCID-tzw9-uffa-9ycy
summary Insufficient validation in GitLab CE/EE affecting all versions from 12.10 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abused in supply chain attacks where a victim pinned to a specific Git commit of the project.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2417
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35153
published_at 2026-04-24T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.3549
published_at 2026-04-02T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.35515
published_at 2026-04-04T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35398
published_at 2026-04-07T12:55:00Z
4
value 0.00149
scoring_system epss
scoring_elements 0.35444
published_at 2026-04-08T12:55:00Z
5
value 0.00149
scoring_system epss
scoring_elements 0.35468
published_at 2026-04-09T12:55:00Z
6
value 0.00149
scoring_system epss
scoring_elements 0.35478
published_at 2026-04-11T12:55:00Z
7
value 0.00149
scoring_system epss
scoring_elements 0.35435
published_at 2026-04-12T12:55:00Z
8
value 0.00149
scoring_system epss
scoring_elements 0.35411
published_at 2026-04-13T12:55:00Z
9
value 0.00149
scoring_system epss
scoring_elements 0.35452
published_at 2026-04-16T12:55:00Z
10
value 0.00149
scoring_system epss
scoring_elements 0.3544
published_at 2026-04-18T12:55:00Z
11
value 0.00149
scoring_system epss
scoring_elements 0.35387
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2417
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2417
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tzw9-uffa-9ycy
10
url VCID-wyff-62y3-9qdq
vulnerability_id VCID-wyff-62y3-9qdq
summary An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for malicious group or project maintainers to change their corresponding group or project visibility by crafting a malicious POST request.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-2456
reference_id
reference_type
scores
0
value 0.00207
scoring_system epss
scoring_elements 0.43051
published_at 2026-04-24T12:55:00Z
1
value 0.00207
scoring_system epss
scoring_elements 0.4313
published_at 2026-04-02T12:55:00Z
2
value 0.00207
scoring_system epss
scoring_elements 0.43157
published_at 2026-04-04T12:55:00Z
3
value 0.00207
scoring_system epss
scoring_elements 0.43096
published_at 2026-04-07T12:55:00Z
4
value 0.00207
scoring_system epss
scoring_elements 0.43149
published_at 2026-04-12T12:55:00Z
5
value 0.00207
scoring_system epss
scoring_elements 0.43161
published_at 2026-04-09T12:55:00Z
6
value 0.00207
scoring_system epss
scoring_elements 0.43182
published_at 2026-04-11T12:55:00Z
7
value 0.00207
scoring_system epss
scoring_elements 0.43134
published_at 2026-04-13T12:55:00Z
8
value 0.00207
scoring_system epss
scoring_elements 0.43193
published_at 2026-04-16T12:55:00Z
9
value 0.00207
scoring_system epss
scoring_elements 0.43183
published_at 2026-04-18T12:55:00Z
10
value 0.00207
scoring_system epss
scoring_elements 0.43116
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-2456
1
reference_url https://security.archlinux.org/AVG-2785
reference_id AVG-2785
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2785
fixed_packages
0
url pkg:alpm/archlinux/gitlab@15.2.1-1
purl pkg:alpm/archlinux/gitlab@15.2.1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.1-1
aliases CVE-2022-2456
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wyff-62y3-9qdq
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@15.2.0-1