Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-3wq9-j84d-kucf

Summary Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1 allowed an attacker already in possession of a valid Project Trigger Token to misuse it from any location even when IP address restrictions were configured

Aliases

alias	CVE-2022-1935

Fixed_packages

url	pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
purl	pkg:deb/debian/gitlab@15.10.8%2Bds1-2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@15.10.8%252Bds1-2%3Fdistro=sid

url	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid

Affected_packages

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-1935

reference_id

reference_type

scores

value	0.00143
scoring_system	epss
scoring_elements	0.34355
published_at	2026-04-01T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34673
published_at	2026-04-02T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34699
published_at	2026-04-04T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34568
published_at	2026-04-07T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34611
published_at	2026-04-08T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34641
published_at	2026-04-09T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34643
published_at	2026-04-11T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34604
published_at	2026-04-12T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34581
published_at	2026-04-13T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34619
published_at	2026-04-16T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34605
published_at	2026-04-18T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34566
published_at	2026-04-21T12:55:00Z

value	0.00143
scoring_system	epss
scoring_elements	0.34209
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-1935

Weaknesses

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3wq9-j84d-kucf

Vulnerability Instance