Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-9hj6-5zkd-7kgf
SummaryAn issue was discovered in GitLab Community and Enterprise Edition 11.9 and later through 12.0.2. GitLab Snippets were vulnerable to an authorization issue that allowed unauthorized users to add comments to a private snippet. It allows authentication bypass.
Aliases
0
alias CVE-2019-13001
Fixed_packages
0
url pkg:deb/debian/gitlab@0?distro=sid
purl pkg:deb/debian/gitlab@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@0%3Fdistro=sid
1
url pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid
Affected_packages
References
0
reference_url https://about.gitlab.com/blog/categories/releases/
reference_id
reference_type
scores
url https://about.gitlab.com/blog/categories/releases/
1
reference_url https://about.gitlab.com/releases/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
reference_id
reference_type
scores
url https://about.gitlab.com/releases/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-13001
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22154
published_at 2026-04-24T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22304
published_at 2026-04-21T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22285
published_at 2026-04-01T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22451
published_at 2026-04-02T12:55:00Z
4
value 0.00074
scoring_system epss
scoring_elements 0.22496
published_at 2026-04-04T12:55:00Z
5
value 0.00074
scoring_system epss
scoring_elements 0.22284
published_at 2026-04-07T12:55:00Z
6
value 0.00074
scoring_system epss
scoring_elements 0.22367
published_at 2026-04-08T12:55:00Z
7
value 0.00074
scoring_system epss
scoring_elements 0.22422
published_at 2026-04-09T12:55:00Z
8
value 0.00074
scoring_system epss
scoring_elements 0.22443
published_at 2026-04-11T12:55:00Z
9
value 0.00074
scoring_system epss
scoring_elements 0.22401
published_at 2026-04-12T12:55:00Z
10
value 0.00074
scoring_system epss
scoring_elements 0.22345
published_at 2026-04-13T12:55:00Z
11
value 0.00074
scoring_system epss
scoring_elements 0.22361
published_at 2026-04-16T12:55:00Z
12
value 0.00074
scoring_system epss
scoring_elements 0.22356
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-13001
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
reference_id cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-13001
reference_id CVE-2019-13001
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:P/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2019-13001
Weaknesses
0
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
Exploits
Severity_range_score4.0 - 4.3
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-9hj6-5zkd-7kgf