Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-67kb-auca-y7ap
Summary
Aliases
0
alias CVE-2017-9735
1
alias GHSA-wfcc-pff6-rgc5
Fixed_packages
0
url pkg:maven/org.eclipse.jetty/jetty-server@9.2.22.v20170606
purl pkg:maven/org.eclipse.jetty/jetty-server@9.2.22.v20170606
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.22.v20170606
1
url pkg:maven/org.eclipse.jetty/jetty-server@9.3.20.v20170531
purl pkg:maven/org.eclipse.jetty/jetty-server@9.3.20.v20170531
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.20.v20170531
2
url pkg:maven/org.eclipse.jetty/jetty-server@9.4.6.v20170531
purl pkg:maven/org.eclipse.jetty/jetty-server@9.4.6.v20170531
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.6.v20170531
3
url pkg:maven/org.eclipse.jetty/jetty-util@9.4.6.v20170531
purl pkg:maven/org.eclipse.jetty/jetty-util@9.4.6.v20170531
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-util@9.4.6.v20170531
Affected_packages
0
url pkg:maven/org.eclipse.jetty/jetty-server@9.2.21.v20170120
purl pkg:maven/org.eclipse.jetty/jetty-server@9.2.21.v20170120
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-67kb-auca-y7ap
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.2.21.v20170120
1
url pkg:maven/org.eclipse.jetty/jetty-server@9.3.0
purl pkg:maven/org.eclipse.jetty/jetty-server@9.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-414j-4v98-ybe4
1
vulnerability VCID-67kb-auca-y7ap
2
vulnerability VCID-74fj-xnga-8qev
3
vulnerability VCID-81r7-kn2w-1kfa
4
vulnerability VCID-cud7-ezp9-pfhw
5
vulnerability VCID-d7wp-3esn-qya4
6
vulnerability VCID-fy51-qh5f-4fg6
7
vulnerability VCID-hp8b-mh6n-5qg6
8
vulnerability VCID-qxw6-j892-1kc2
9
vulnerability VCID-zpaj-6sn3-7kgz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.0
2
url pkg:maven/org.eclipse.jetty/jetty-server@9.3.19.v20170502
purl pkg:maven/org.eclipse.jetty/jetty-server@9.3.19.v20170502
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-67kb-auca-y7ap
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.3.19.v20170502
3
url pkg:maven/org.eclipse.jetty/jetty-server@9.4.0
purl pkg:maven/org.eclipse.jetty/jetty-server@9.4.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-414j-4v98-ybe4
1
vulnerability VCID-67kb-auca-y7ap
2
vulnerability VCID-74fj-xnga-8qev
3
vulnerability VCID-81r7-kn2w-1kfa
4
vulnerability VCID-d7wp-3esn-qya4
5
vulnerability VCID-hp8b-mh6n-5qg6
6
vulnerability VCID-nqyq-1xtc-nqhz
7
vulnerability VCID-qxw6-j892-1kc2
8
vulnerability VCID-zpaj-6sn3-7kgz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.0
4
url pkg:maven/org.eclipse.jetty/jetty-server@9.4.5.v20170502
purl pkg:maven/org.eclipse.jetty/jetty-server@9.4.5.v20170502
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-67kb-auca-y7ap
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.eclipse.jetty/jetty-server@9.4.5.v20170502
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9735
reference_id
reference_type
scores
0
value 0.0084
scoring_system epss
scoring_elements 0.7503
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9735
1
reference_url https://bugs.debian.org/864631
reference_id
reference_type
scores
url https://bugs.debian.org/864631
2
reference_url https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02
reference_id
reference_type
scores
url https://github.com/eclipse/jetty.project/commit/042f325f1cd6e7891d72c7e668f5947b5457dc02
3
reference_url https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea
reference_id
reference_type
scores
url https://github.com/eclipse/jetty.project/commit/2baa1abe4b1c380a30deacca1ed367466a1a62ea
4
reference_url https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58
reference_id
reference_type
scores
url https://github.com/eclipse/jetty.project/commit/f3751d70787fd8ab93932a51c60514c2eb37cb58
5
reference_url https://github.com/eclipse/jetty.project/issues/1556
reference_id
reference_type
scores
url https://github.com/eclipse/jetty.project/issues/1556
6
reference_url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/36870f6c51f5bc25e6f7bb1fcace0e57e81f1524019b11f466738559@%3Ccommon-dev.hadoop.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/36870f6c51f5bc25e6f7bb1fcace0e57e81f1524019b11f466738559@%3Ccommon-dev.hadoop.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/f887a5978f5e4c62b9cfe876336628385cff429e796962649649ec8a@%3Ccommon-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f887a5978f5e4c62b9cfe876336628385cff429e796962649649ec8a@%3Ccommon-issues.hadoop.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E
12
reference_url https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/05/msg00016.html
13
reference_url https://web.archive.org/web/20170826163336/http://www.securityfocus.com/bid/99104
reference_id
reference_type
scores
url https://web.archive.org/web/20170826163336/http://www.securityfocus.com/bid/99104
14
reference_url https://www.oracle.com//security-alerts/cpujul2021.html
reference_id
reference_type
scores
url https://www.oracle.com//security-alerts/cpujul2021.html
15
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpuoct2020.html
16
reference_url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id
reference_type
scores
url https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
17
reference_url http://www.securityfocus.com/bid/99104
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/99104
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-9735
reference_id CVE-2017-9735
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-9735
19
reference_url https://github.com/advisories/GHSA-wfcc-pff6-rgc5
reference_id GHSA-wfcc-pff6-rgc5
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wfcc-pff6-rgc5
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 203
name Observable Discrepancy
description The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-67kb-auca-y7ap