Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-9cd8-6mjw-wyep
Summary
golang.org/x/net/html Infinite Loop vulnerability
Go through 1.15.12 and 1.16.x through 1.16.4 has a golang.org/x/net/html infinite loop via crafted ParseFragment input.
Aliases
0
alias CVE-2021-33194
1
alias GHSA-83g2-8m93-v3w7
Fixed_packages
0
url pkg:deb/debian/golang-golang-x-net@1:0.0%2Bgit20210119.5f4716e%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.0%2Bgit20210119.5f4716e%2Bdfsg-4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3zyn-rapk-ybe8
1
vulnerability VCID-5kkq-5jpf-fqev
2
vulnerability VCID-73s2-6cpr-gkdu
3
vulnerability VCID-aj2b-56uj-gkar
4
vulnerability VCID-asx6-ds7x-6ubz
5
vulnerability VCID-azr4-u36f-pbew
6
vulnerability VCID-g8qg-4g78-pfgn
7
vulnerability VCID-k6de-54xk-dkfv
8
vulnerability VCID-sdd3-35ng-g7a3
9
vulnerability VCID-w53f-uad6-gqdn
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.0%252Bgit20210119.5f4716e%252Bdfsg-4%3Fdistro=trixie
1
url pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.7.0%2Bdfsg-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3zyn-rapk-ybe8
1
vulnerability VCID-73s2-6cpr-gkdu
2
vulnerability VCID-aj2b-56uj-gkar
3
vulnerability VCID-asx6-ds7x-6ubz
4
vulnerability VCID-g8qg-4g78-pfgn
5
vulnerability VCID-k6de-54xk-dkfv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.7.0%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.27.0-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-73s2-6cpr-gkdu
1
vulnerability VCID-asx6-ds7x-6ubz
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.27.0-2%3Fdistro=trixie
3
url pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.47.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.47.0-2%3Fdistro=trixie
4
url pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
purl pkg:deb/debian/golang-golang-x-net@1:0.53.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-golang-x-net@1:0.53.0-1%3Fdistro=trixie
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33194.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-33194.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-33194
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11542
published_at 2026-04-01T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.11668
published_at 2026-04-02T12:55:00Z
2
value 0.00138
scoring_system epss
scoring_elements 0.33987
published_at 2026-04-08T12:55:00Z
3
value 0.00138
scoring_system epss
scoring_elements 0.33945
published_at 2026-04-07T12:55:00Z
4
value 0.00138
scoring_system epss
scoring_elements 0.34087
published_at 2026-04-04T12:55:00Z
5
value 0.00168
scoring_system epss
scoring_elements 0.38
published_at 2026-04-18T12:55:00Z
6
value 0.00168
scoring_system epss
scoring_elements 0.37938
published_at 2026-04-21T12:55:00Z
7
value 0.00168
scoring_system epss
scoring_elements 0.3802
published_at 2026-04-16T12:55:00Z
8
value 0.00168
scoring_system epss
scoring_elements 0.37975
published_at 2026-04-13T12:55:00Z
9
value 0.00168
scoring_system epss
scoring_elements 0.38019
published_at 2026-04-09T12:55:00Z
10
value 0.00168
scoring_system epss
scoring_elements 0.38036
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-33194
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33194
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33194
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/golang/net/commit/37e1c6afe02340126705deced573a85ab75209d7
5
reference_url https://go.dev/cl/311090
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/311090
6
reference_url https://go.dev/issue/46288
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/46288
7
reference_url https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://go.googlesource.com/net/+/37e1c6afe02340126705deced573a85ab75209d7
8
reference_url https://groups.google.com/g/golang-announce/c/wPunbCPkWUg
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://groups.google.com/g/golang-announce/c/wPunbCPkWUg
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CHKSFMHZVOBCZSSVRE3UEYNKARTBMTM
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-33194
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-33194
11
reference_url https://pkg.go.dev/vuln/GO-2021-0238
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2021-0238
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1963232
reference_id 1963232
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1963232
13
reference_url https://access.redhat.com/errata/RHSA-2021:2438
reference_id RHSA-2021:2438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:2438
14
reference_url https://access.redhat.com/errata/RHSA-2021:3759
reference_id RHSA-2021:3759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3759
15
reference_url https://access.redhat.com/errata/RHSA-2021:4627
reference_id RHSA-2021:4627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4627
16
reference_url https://usn.ubuntu.com/8089-2/
reference_id USN-8089-2
reference_type
scores
url https://usn.ubuntu.com/8089-2/
17
reference_url https://usn.ubuntu.com/8089-3/
reference_id USN-8089-3
reference_type
scores
url https://usn.ubuntu.com/8089-3/
Weaknesses
0
cwe_id 835
name Loop with Unreachable Exit Condition ('Infinite Loop')
description The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-9cd8-6mjw-wyep