Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-mgy7-efcp-wbdv

Summary An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones.

Aliases

alias	CVE-2022-0172

Fixed_packages

url	pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
purl	pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@15.10.8%252Bds1-2%3Fdistro=sid

url	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0172

reference_id

reference_type

scores

value	0.00083
scoring_system	epss
scoring_elements	0.2435
published_at	2026-04-01T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24476
published_at	2026-04-02T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.2451
published_at	2026-04-04T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24294
published_at	2026-04-07T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24361
published_at	2026-04-08T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24405
published_at	2026-04-09T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24422
published_at	2026-04-11T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.2438
published_at	2026-04-12T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24323
published_at	2026-04-13T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.2434
published_at	2026-04-16T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.2433
published_at	2026-04-18T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24303
published_at	2026-04-21T12:55:00Z

value	0.00083
scoring_system	epss
scoring_elements	0.24179
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0172

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgy7-efcp-wbdv

Vulnerability Instance