Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-8hjj-ta47-mqe6

Summary Server side request forgery protections in GitLab CE/EE versions between 8.4 and 14.4.4, between 14.5.0 and 14.5.2, and between 14.6.0 and 14.6.1 would fail to protect against attacks sending requests to localhost on port 80 or 443 if GitLab was configured to run on a port other than 80 or 443

Aliases

alias	CVE-2021-39927

Fixed_packages

url	pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
purl	pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@15.10.8%252Bds1-2%3Fdistro=sid

url	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-39927

reference_id

reference_type

scores

value	0.00143
scoring_system	epss
scoring_elements	0.34474
published_at	2026-04-01T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34693
published_at	2026-04-02T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.3472
published_at	2026-04-04T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34596
published_at	2026-04-07T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.3464
published_at	2026-04-08T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34669
published_at	2026-04-09T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34672
published_at	2026-04-11T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34632
published_at	2026-04-12T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34608
published_at	2026-04-13T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34647
published_at	2026-04-16T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34633
published_at	2026-04-18T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34594
published_at	2026-04-21T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34357
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-39927

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hjj-ta47-mqe6

Vulnerability Instance