GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/265331?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/265331?format=api",
    "vulnerability_id": "VCID-svws-7gd2-r3f5",
    "summary": "An issue has been discovered in GitLab affecting all versions before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was incorrectly verifying throttling limits for authenticated package requests which resulted in limits not being enforced.",
    "aliases": [
        {
            "alias": "CVE-2022-1428"
        }
    ],
    "fixed_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/371715?format=api",
            "purl": "pkg:alpm/archlinux/gitlab@14.10.2-1",
            "is_vulnerable": false,
            "affected_by_vulnerabilities": [],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.10.2-1"
        }
    ],
    "affected_packages": [
        {
            "url": "http://public2.vulnerablecode.io/api/packages/371714?format=api",
            "purl": "pkg:alpm/archlinux/gitlab@14.10-1",
            "is_vulnerable": true,
            "affected_by_vulnerabilities": [
                {
                    "vulnerability": "VCID-1tja-ztb9-myhy"
                },
                {
                    "vulnerability": "VCID-221v-5q8x-5ygz"
                },
                {
                    "vulnerability": "VCID-2gxb-vk9m-c3hd"
                },
                {
                    "vulnerability": "VCID-4xun-1v5s-uqbt"
                },
                {
                    "vulnerability": "VCID-62y5-e7f4-7kbz"
                },
                {
                    "vulnerability": "VCID-a4kg-mmhm-jqhp"
                },
                {
                    "vulnerability": "VCID-bvmd-gmg3-eue2"
                },
                {
                    "vulnerability": "VCID-hawe-rs16-37bf"
                },
                {
                    "vulnerability": "VCID-rc6v-b3x8-87bu"
                },
                {
                    "vulnerability": "VCID-svws-7gd2-r3f5"
                },
                {
                    "vulnerability": "VCID-wt3g-99mt-uug6"
                },
                {
                    "vulnerability": "VCID-wvtd-44nu-ckgb"
                },
                {
                    "vulnerability": "VCID-ykza-d472-n7a4"
                }
            ],
            "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@14.10-1"
        }
    ],
    "references": [
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1428",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.33509",
                    "published_at": "2026-05-07T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.33811",
                    "published_at": "2026-04-01T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34149",
                    "published_at": "2026-04-02T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34181",
                    "published_at": "2026-04-04T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34041",
                    "published_at": "2026-04-07T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34084",
                    "published_at": "2026-04-08T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34115",
                    "published_at": "2026-04-09T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34113",
                    "published_at": "2026-04-11T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34071",
                    "published_at": "2026-04-18T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34047",
                    "published_at": "2026-04-13T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34083",
                    "published_at": "2026-04-16T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.34035",
                    "published_at": "2026-04-21T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.33662",
                    "published_at": "2026-04-24T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.3364",
                    "published_at": "2026-04-26T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.33556",
                    "published_at": "2026-04-29T12:55:00Z"
                },
                {
                    "value": "0.00139",
                    "scoring_system": "epss",
                    "scoring_elements": "0.33439",
                    "published_at": "2026-05-05T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1428"
        },
        {
            "reference_url": "https://security.archlinux.org/AVG-2696",
            "reference_id": "AVG-2696",
            "reference_type": "",
            "scores": [
                {
                    "value": "High",
                    "scoring_system": "archlinux",
                    "scoring_elements": ""
                }
            ],
            "url": "https://security.archlinux.org/AVG-2696"
        }
    ],
    "weaknesses": [],
    "exploits": [],
    "severity_range_score": "7.0 - 8.9",
    "exploitability": "0.5",
    "weighted_severity": "8.0",
    "risk_score": 4.0,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-svws-7gd2-r3f5"
}