Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-yfzm-n8gu-qfbm

Summary In all versions of GitLab CE/EE starting from 0.8.0 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 certain Unicode characters can be abused to commit malicious code into projects without being noticed in merge request or source code viewer UI.

Aliases

alias	CVE-2021-39908

Fixed_packages

url	pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
purl	pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@15.10.8%252Bds1-2%3Fdistro=sid

url	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-39908

reference_id

reference_type

scores

value	0.0018
scoring_system	epss
scoring_elements	0.39601
published_at	2026-04-12T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39585
published_at	2026-04-13T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39636
published_at	2026-04-16T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39606
published_at	2026-04-18T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39523
published_at	2026-04-21T12:55:00Z

value	0.0018
scoring_system	epss
scoring_elements	0.39343
published_at	2026-04-24T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53193
published_at	2026-04-01T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53308
published_at	2026-04-11T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53217
published_at	2026-04-02T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53242
published_at	2026-04-04T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.5321
published_at	2026-04-07T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53262
published_at	2026-04-08T12:55:00Z

value	0.00299
scoring_system	epss
scoring_elements	0.53257
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-39908

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yfzm-n8gu-qfbm

Vulnerability Instance