Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-m27b-sk6s-pbdv

Summary GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups.

Aliases

alias	CVE-2018-19584

Fixed_packages

url	pkg:deb/debian/gitlab@0?distro=sid
purl	pkg:deb/debian/gitlab@0?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@0%3Fdistro=sid

url	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-19584

reference_id

reference_type

scores

value	0.00199
scoring_system	epss
scoring_elements	0.41907
published_at	2026-04-21T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41969
published_at	2026-04-12T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41997
published_at	2026-04-04T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41923
published_at	2026-04-07T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41973
published_at	2026-04-08T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41985
published_at	2026-04-09T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.42007
published_at	2026-04-11T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41955
published_at	2026-04-13T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.42004
published_at	2026-04-16T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41977
published_at	2026-04-18T12:55:00Z

value	0.00199
scoring_system	epss
scoring_elements	0.41846
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-19584

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m27b-sk6s-pbdv

Vulnerability Instance