Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-w6ms-gbth-wuhr
SummaryAn issue has been discovered in GitLab EE affecting all versions starting from 15.1 before 15.7.8, all versions starting from 15.8 before 15.8.4, all versions starting from 15.9 before 15.9.2. If a group with SAML SSO enabled is transferred to a new namespace as a child group, it's possible previously removed malicious maintainer or owner of the child group can still gain access to the group via SSO or a SCIM token to perform actions on the group.
Aliases
0
alias CVE-2022-4331
Fixed_packages
0
url pkg:deb/debian/gitlab@0?distro=sid
purl pkg:deb/debian/gitlab@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@0%3Fdistro=sid
1
url pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4331
reference_id
reference_type
scores
0
value 0.00262
scoring_system epss
scoring_elements 0.49559
published_at 2026-04-02T12:55:00Z
1
value 0.00328
scoring_system epss
scoring_elements 0.55764
published_at 2026-04-24T12:55:00Z
2
value 0.00328
scoring_system epss
scoring_elements 0.5586
published_at 2026-04-11T12:55:00Z
3
value 0.00328
scoring_system epss
scoring_elements 0.5584
published_at 2026-04-12T12:55:00Z
4
value 0.00328
scoring_system epss
scoring_elements 0.55822
published_at 2026-04-13T12:55:00Z
5
value 0.00328
scoring_system epss
scoring_elements 0.55858
published_at 2026-04-16T12:55:00Z
6
value 0.00328
scoring_system epss
scoring_elements 0.55862
published_at 2026-04-18T12:55:00Z
7
value 0.00328
scoring_system epss
scoring_elements 0.55837
published_at 2026-04-21T12:55:00Z
8
value 0.00328
scoring_system epss
scoring_elements 0.55818
published_at 2026-04-04T12:55:00Z
9
value 0.00328
scoring_system epss
scoring_elements 0.55798
published_at 2026-04-07T12:55:00Z
10
value 0.00328
scoring_system epss
scoring_elements 0.55849
published_at 2026-04-08T12:55:00Z
11
value 0.00328
scoring_system epss
scoring_elements 0.55852
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4331
1
reference_url https://hackerone.com/reports/1791518
reference_id 1791518
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-28T17:24:15Z/
url https://hackerone.com/reports/1791518
2
reference_url https://gitlab.com/gitlab-org/gitlab/-/issues/385050
reference_id 385050
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-28T17:24:15Z/
url https://gitlab.com/gitlab-org/gitlab/-/issues/385050
3
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4331.json
reference_id CVE-2022-4331.json
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-28T17:24:15Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4331.json
Weaknesses
Exploits
Severity_range_score5.7 - 5.7
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-w6ms-gbth-wuhr