Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-n6nz-5x6j-yke3

Summary

Apache Kafka Client Arbitrary File Read and Server Side Request Forgery Vulnerability
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url" configuratin to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products. 

Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls") to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly.

Aliases

alias	CVE-2025-27817

alias	GHSA-vgq5-3255-v292

Fixed_packages

url	pkg:maven/org.apache.kafka/kafka-clients@3.9.1
purl	pkg:maven/org.apache.kafka/kafka-clients@3.9.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.9.1

Affected_packages

url pkg:maven/org.apache.kafka/kafka-clients@3.1.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.1.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.1.0

url pkg:maven/org.apache.kafka/kafka-clients@3.1.1

purl pkg:maven/org.apache.kafka/kafka-clients@3.1.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.1.1

url pkg:maven/org.apache.kafka/kafka-clients@3.1.2

purl pkg:maven/org.apache.kafka/kafka-clients@3.1.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.1.2

url pkg:maven/org.apache.kafka/kafka-clients@3.2.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.2.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.2.0

url pkg:maven/org.apache.kafka/kafka-clients@3.2.1

purl pkg:maven/org.apache.kafka/kafka-clients@3.2.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.2.1

url pkg:maven/org.apache.kafka/kafka-clients@3.2.2

purl pkg:maven/org.apache.kafka/kafka-clients@3.2.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.2.2

url pkg:maven/org.apache.kafka/kafka-clients@3.2.3

purl pkg:maven/org.apache.kafka/kafka-clients@3.2.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.2.3

url pkg:maven/org.apache.kafka/kafka-clients@3.3.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.3.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.3.0

url pkg:maven/org.apache.kafka/kafka-clients@3.3.1

purl pkg:maven/org.apache.kafka/kafka-clients@3.3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.3.1

url pkg:maven/org.apache.kafka/kafka-clients@3.3.2

purl pkg:maven/org.apache.kafka/kafka-clients@3.3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.3.2

url pkg:maven/org.apache.kafka/kafka-clients@3.4.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.4.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.4.0

url pkg:maven/org.apache.kafka/kafka-clients@3.4.1

purl pkg:maven/org.apache.kafka/kafka-clients@3.4.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.4.1

url pkg:maven/org.apache.kafka/kafka-clients@3.5.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.5.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.5.0

url pkg:maven/org.apache.kafka/kafka-clients@3.5.1

purl pkg:maven/org.apache.kafka/kafka-clients@3.5.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.5.1

url pkg:maven/org.apache.kafka/kafka-clients@3.5.2

purl pkg:maven/org.apache.kafka/kafka-clients@3.5.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.5.2

url pkg:maven/org.apache.kafka/kafka-clients@3.6.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.6.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.6.0

url pkg:maven/org.apache.kafka/kafka-clients@3.6.1

purl pkg:maven/org.apache.kafka/kafka-clients@3.6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.6.1

url pkg:maven/org.apache.kafka/kafka-clients@3.6.2

purl pkg:maven/org.apache.kafka/kafka-clients@3.6.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.6.2

url pkg:maven/org.apache.kafka/kafka-clients@3.7.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.7.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-26bs-85hq-ufac

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.7.0

url pkg:maven/org.apache.kafka/kafka-clients@3.7.1

purl pkg:maven/org.apache.kafka/kafka-clients@3.7.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.7.1

url pkg:maven/org.apache.kafka/kafka-clients@3.7.2

purl pkg:maven/org.apache.kafka/kafka-clients@3.7.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.7.2

url pkg:maven/org.apache.kafka/kafka-clients@3.8.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.8.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.8.0

url pkg:maven/org.apache.kafka/kafka-clients@3.8.1

purl pkg:maven/org.apache.kafka/kafka-clients@3.8.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.8.1

url pkg:maven/org.apache.kafka/kafka-clients@3.9.0

purl pkg:maven/org.apache.kafka/kafka-clients@3.9.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-n6nz-5x6j-yke3

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@3.9.0

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27817.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27817.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27817

reference_id

reference_type

scores

value	0.13418
scoring_system	epss
scoring_elements	0.94174
published_at	2026-04-04T12:55:00Z

value	0.13418
scoring_system	epss
scoring_elements	0.94162
published_at	2026-04-02T12:55:00Z

value	0.19926
scoring_system	epss
scoring_elements	0.95479
published_at	2026-04-24T12:55:00Z

value	0.20454
scoring_system	epss
scoring_elements	0.95531
published_at	2026-04-07T12:55:00Z

value	0.20454
scoring_system	epss
scoring_elements	0.95545
published_at	2026-04-11T12:55:00Z

value	0.20454
scoring_system	epss
scoring_elements	0.95541
published_at	2026-04-09T12:55:00Z

value	0.20454
scoring_system	epss
scoring_elements	0.95538
published_at	2026-04-08T12:55:00Z

value	0.20454
scoring_system	epss
scoring_elements	0.95562
published_at	2026-04-21T12:55:00Z

value	0.20454
scoring_system	epss
scoring_elements	0.95556
published_at	2026-04-16T12:55:00Z

value	0.20454
scoring_system	epss
scoring_elements	0.95548
published_at	2026-04-13T12:55:00Z

value	0.20454
scoring_system	epss
scoring_elements	0.95546
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27817

reference_url

https://github.com/apache/kafka

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	6.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/apache/kafka

reference_url

https://kafka.apache.org/cve-list

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	6.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-10T14:17:53Z/

url

https://kafka.apache.org/cve-list

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-27817

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	6.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-27817

reference_url

http://www.openwall.com/lists/oss-security/2025/06/09/1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	6.2
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2025/06/09/1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2371367
reference_id	2371367
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2371367

reference_url

https://github.com/advisories/GHSA-vgq5-3255-v292

reference_id

GHSA-vgq5-3255-v292

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-vgq5-3255-v292

Weaknesses

cwe_id	918
name	Server-Side Request Forgery (SSRF)
description	The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 8.1

Exploitability 0.5

Weighted_severity 7.3

Risk_score 3.6

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n6nz-5x6j-yke3

Vulnerability Instance