Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-epk1-js2e-f3hm
Summary
Aliases
0
alias CVE-2026-33557
1
alias GHSA-28jg-cgg7-j4wc
Fixed_packages
0
url pkg:maven/org.apache.kafka/kafka-clients@4.1.2
purl pkg:maven/org.apache.kafka/kafka-clients@4.1.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@4.1.2
Affected_packages
0
url pkg:maven/org.apache.kafka/kafka-clients@4.1.0
purl pkg:maven/org.apache.kafka/kafka-clients@4.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-epk1-js2e-f3hm
1
vulnerability VCID-ja6g-epa4-qbhn
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.kafka/kafka-clients@4.1.0
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33557.json
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33557.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33557
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13199
published_at 2026-04-21T12:55:00Z
1
value 0.00125
scoring_system epss
scoring_elements 0.31533
published_at 2026-04-24T12:55:00Z
2
value 0.002
scoring_system epss
scoring_elements 0.41988
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33557
2
reference_url https://github.com/apache/kafka
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/kafka
3
reference_url https://github.com/apache/kafka/commit/01d8e7db8d08dbd538892b409457ea6bfcc2a422
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/kafka/commit/01d8e7db8d08dbd538892b409457ea6bfcc2a422
4
reference_url https://kafka.apache.org/cve-list
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-20T14:29:31Z/
url https://kafka.apache.org/cve-list
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33557
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33557
6
reference_url http://www.openwall.com/lists/oss-security/2026/04/17/2
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2026/04/17/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2459739
reference_id 2459739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2459739
8
reference_url https://github.com/advisories/GHSA-28jg-cgg7-j4wc
reference_id GHSA-28jg-cgg7-j4wc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-28jg-cgg7-j4wc
9
reference_url https://lists.apache.org/thread/v57o00hm6yszdpdnvqx2ss4561yh953h
reference_id v57o00hm6yszdpdnvqx2ss4561yh953h
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-20T14:29:31Z/
url https://lists.apache.org/thread/v57o00hm6yszdpdnvqx2ss4561yh953h
Weaknesses
0
cwe_id 1285
name Improper Validation of Specified Index, Position, or Offset in Input
description The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
1
cwe_id 303
name Incorrect Implementation of Authentication Algorithm
description The requirements for the product dictate the use of an established authentication algorithm, but the implementation of the algorithm is incorrect.
Exploits
Severity_range_score8.6 - 10.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-epk1-js2e-f3hm