Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wuky-wgxh-xkgc
SummaryAn issue was discovered in GitLab EE affecting all versions starting from 16.11 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where certain project-level analytics settings could be leaked in DOM to group members with Developer or higher roles.
Aliases
0
alias CVE-2024-5067
Fixed_packages
0
url pkg:deb/debian/gitlab@0?distro=sid
purl pkg:deb/debian/gitlab@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@0%3Fdistro=sid
1
url pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5067
reference_id
reference_type
scores
0
value 0.00116
scoring_system epss
scoring_elements 0.30079
published_at 2026-04-26T12:55:00Z
1
value 0.00116
scoring_system epss
scoring_elements 0.30394
published_at 2026-04-09T12:55:00Z
2
value 0.00116
scoring_system epss
scoring_elements 0.30396
published_at 2026-04-11T12:55:00Z
3
value 0.00116
scoring_system epss
scoring_elements 0.30353
published_at 2026-04-12T12:55:00Z
4
value 0.00116
scoring_system epss
scoring_elements 0.30306
published_at 2026-04-13T12:55:00Z
5
value 0.00116
scoring_system epss
scoring_elements 0.30322
published_at 2026-04-16T12:55:00Z
6
value 0.00116
scoring_system epss
scoring_elements 0.30304
published_at 2026-04-18T12:55:00Z
7
value 0.00116
scoring_system epss
scoring_elements 0.30259
published_at 2026-04-21T12:55:00Z
8
value 0.00116
scoring_system epss
scoring_elements 0.30194
published_at 2026-04-24T12:55:00Z
9
value 0.00116
scoring_system epss
scoring_elements 0.30445
published_at 2026-04-02T12:55:00Z
10
value 0.00116
scoring_system epss
scoring_elements 0.3049
published_at 2026-04-04T12:55:00Z
11
value 0.00116
scoring_system epss
scoring_elements 0.30301
published_at 2026-04-07T12:55:00Z
12
value 0.00116
scoring_system epss
scoring_elements 0.3036
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5067
1
reference_url https://hackerone.com/reports/2462303
reference_id 2462303
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:32:48Z/
url https://hackerone.com/reports/2462303
2
reference_url https://hackerone.com/reports/2502047
reference_id 2502047
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:32:48Z/
url https://hackerone.com/reports/2502047
3
reference_url https://gitlab.com/gitlab-org/gitlab/-/issues/458504
reference_id 458504
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:32:48Z/
url https://gitlab.com/gitlab-org/gitlab/-/issues/458504
4
reference_url https://gitlab.com/gitlab-org/gitlab/-/issues/462427
reference_id 462427
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-26T15:32:48Z/
url https://gitlab.com/gitlab-org/gitlab/-/issues/462427
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
Weaknesses
0
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score4.4 - 4.4
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wuky-wgxh-xkgc