Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-x4dc-1ecc-gfg9
SummaryAn issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6, all versions starting from 17.5 before 17.5.4 all versions starting from 17.6 before 17.6.2, that allows group users to view confidential incident title through the Wiki History Diff feature, potentially leading to information disclosure.
Aliases
0
alias CVE-2024-10043
Fixed_packages
0
url pkg:deb/debian/gitlab@0?distro=sid
purl pkg:deb/debian/gitlab@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@0%3Fdistro=sid
1
url pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-10043
reference_id
reference_type
scores
0
value 0.00194
scoring_system epss
scoring_elements 0.41202
published_at 2026-04-24T12:55:00Z
1
value 0.00194
scoring_system epss
scoring_elements 0.41371
published_at 2026-04-13T12:55:00Z
2
value 0.00194
scoring_system epss
scoring_elements 0.41415
published_at 2026-04-16T12:55:00Z
3
value 0.00194
scoring_system epss
scoring_elements 0.41387
published_at 2026-04-18T12:55:00Z
4
value 0.00194
scoring_system epss
scoring_elements 0.41314
published_at 2026-04-21T12:55:00Z
5
value 0.00194
scoring_system epss
scoring_elements 0.41383
published_at 2026-04-02T12:55:00Z
6
value 0.00194
scoring_system epss
scoring_elements 0.41412
published_at 2026-04-04T12:55:00Z
7
value 0.00194
scoring_system epss
scoring_elements 0.41339
published_at 2026-04-07T12:55:00Z
8
value 0.00194
scoring_system epss
scoring_elements 0.4139
published_at 2026-04-08T12:55:00Z
9
value 0.00194
scoring_system epss
scoring_elements 0.41397
published_at 2026-04-09T12:55:00Z
10
value 0.00194
scoring_system epss
scoring_elements 0.41417
published_at 2026-04-11T12:55:00Z
11
value 0.00194
scoring_system epss
scoring_elements 0.41386
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-10043
1
reference_url https://hackerone.com/reports/2774817
reference_id 2774817
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:21:15Z/
url https://hackerone.com/reports/2774817
2
reference_url https://gitlab.com/gitlab-org/gitlab/-/issues/499577
reference_id 499577
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-12T15:21:15Z/
url https://gitlab.com/gitlab-org/gitlab/-/issues/499577
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
Weaknesses
0
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
Exploits
Severity_range_score3.1 - 3.1
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-x4dc-1ecc-gfg9