Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6z5v-da6y-d3gg
Summary An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. Lack of verification on RelayState parameter allowed a maliciously crafted URL to obtain access tokens granted for 3rd party Group SAML SSO logins. This feature isn't enabled by default.
Aliases
0
alias CVE-2023-1965
Fixed_packages
0
url pkg:deb/debian/gitlab@0?distro=sid
purl pkg:deb/debian/gitlab@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@0%3Fdistro=sid
1
url pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-1965
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.1894
published_at 2026-04-24T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19123
published_at 2026-04-12T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.19071
published_at 2026-04-13T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19027
published_at 2026-04-16T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19039
published_at 2026-04-18T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19048
published_at 2026-04-21T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.19264
published_at 2026-04-02T12:55:00Z
7
value 0.00061
scoring_system epss
scoring_elements 0.19316
published_at 2026-04-04T12:55:00Z
8
value 0.00061
scoring_system epss
scoring_elements 0.19031
published_at 2026-04-07T12:55:00Z
9
value 0.00061
scoring_system epss
scoring_elements 0.1911
published_at 2026-04-08T12:55:00Z
10
value 0.00061
scoring_system epss
scoring_elements 0.19164
published_at 2026-04-09T12:55:00Z
11
value 0.00061
scoring_system epss
scoring_elements 0.1917
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-1965
1
reference_url https://hackerone.com/reports/1923672
reference_id 1923672
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-29T21:39:52Z/
url https://hackerone.com/reports/1923672
2
reference_url https://gitlab.com/gitlab-org/gitlab/-/issues/406235
reference_id 406235
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-29T21:39:52Z/
url https://gitlab.com/gitlab-org/gitlab/-/issues/406235
3
reference_url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1965.json
reference_id CVE-2023-1965.json
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-29T21:39:52Z/
url https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1965.json
Weaknesses
Exploits
Severity_range_score 6.8 - 6.8
Exploitability null
Weighted_severity null
Risk_score null
Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6z5v-da6y-d3gg