Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-7hhz-j8p7-zfd1
SummaryAn issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports.
Aliases
0
alias CVE-2023-5106
Fixed_packages
0
url pkg:deb/debian/gitlab@0?distro=sid
purl pkg:deb/debian/gitlab@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@0%3Fdistro=sid
1
url pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-5106
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12071
published_at 2026-04-21T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12047
published_at 2026-04-24T12:55:00Z
2
value 0.00041
scoring_system epss
scoring_elements 0.12519
published_at 2026-04-09T12:55:00Z
3
value 0.00041
scoring_system epss
scoring_elements 0.12453
published_at 2026-04-12T12:55:00Z
4
value 0.00041
scoring_system epss
scoring_elements 0.12413
published_at 2026-04-13T12:55:00Z
5
value 0.00041
scoring_system epss
scoring_elements 0.12319
published_at 2026-04-16T12:55:00Z
6
value 0.00041
scoring_system epss
scoring_elements 0.1232
published_at 2026-04-18T12:55:00Z
7
value 0.00041
scoring_system epss
scoring_elements 0.12581
published_at 2026-04-04T12:55:00Z
8
value 0.00041
scoring_system epss
scoring_elements 0.12388
published_at 2026-04-07T12:55:00Z
9
value 0.00041
scoring_system epss
scoring_elements 0.12468
published_at 2026-04-08T12:55:00Z
10
value 0.00041
scoring_system epss
scoring_elements 0.12538
published_at 2026-04-02T12:55:00Z
11
value 0.00041
scoring_system epss
scoring_elements 0.12491
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-5106
1
reference_url https://gitlab.com/gitlab-org/gitlab/-/commit/67039cfcae80b8fc0496f79be88714873cd169b3
reference_id 67039cfcae80b8fc0496f79be88714873cd169b3
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T15:13:29Z/
url https://gitlab.com/gitlab-org/gitlab/-/commit/67039cfcae80b8fc0496f79be88714873cd169b3
2
reference_url https://gitlab.com/gitlab-org/security/gitlab/-/issues/980
reference_id 980
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-30T15:13:29Z/
url https://gitlab.com/gitlab-org/security/gitlab/-/issues/980
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*
Weaknesses
0
cwe_id 863
name Incorrect Authorization
description The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
Exploits
Severity_range_score8.2 - 8.2
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-7hhz-j8p7-zfd1