Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/pdns@4.7.3-2
Typedeb
Namespacedebian
Namepdns
Version4.7.3-2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.9.7-1
Latest_non_vulnerable_version4.9.7-1
Affected_by_vulnerabilities
0
url VCID-6pjd-r9ca-rbgg
vulnerability_id VCID-6pjd-r9ca-rbgg
summary An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33611
reference_id
reference_type
scores
0
value 5e-05
scoring_system epss
scoring_elements 0.00208
published_at 2026-04-26T12:55:00Z
1
value 5e-05
scoring_system epss
scoring_elements 0.00272
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33611
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33611
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33611
2
reference_url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html
reference_id powerdns-advisory-powerdns-2026-05.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:24:04Z/
url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html
fixed_packages
0
url pkg:deb/debian/pdns@4.9.7-1
purl pkg:deb/debian/pdns@4.9.7-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.9.7-1
aliases CVE-2026-33611
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pjd-r9ca-rbgg
1
url VCID-6uz8-kz5m-8ya9
vulnerability_id VCID-6uz8-kz5m-8ya9
summary An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33608
reference_id
reference_type
scores
0
value 5e-05
scoring_system epss
scoring_elements 0.00289
published_at 2026-04-24T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00354
published_at 2026-04-26T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00557
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33608
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33608
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33608
2
reference_url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html
reference_id powerdns-advisory-powerdns-2026-05.html
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:28:03Z/
url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html
fixed_packages
0
url pkg:deb/debian/pdns@4.9.7-1
purl pkg:deb/debian/pdns@4.9.7-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.9.7-1
aliases CVE-2026-33608
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6uz8-kz5m-8ya9
2
url VCID-chzq-qej6-rkdq
vulnerability_id VCID-chzq-qej6-rkdq
summary An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33257
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01614
published_at 2026-04-29T12:55:00Z
1
value 9e-05
scoring_system epss
scoring_elements 0.00988
published_at 2026-04-24T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.00992
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33257
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33257
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33257
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html
reference_id powerdns-advisory-2026-05.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:48Z/
url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html
4
reference_url https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html
reference_id powerdns-advisory-for-dnsdist-2026-04.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:48Z/
url https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html
5
reference_url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html
reference_id powerdns-advisory-powerdns-2026-03.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:48Z/
url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html
fixed_packages
0
url pkg:deb/debian/pdns@4.9.7-1
purl pkg:deb/debian/pdns@4.9.7-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.9.7-1
aliases CVE-2026-33257
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chzq-qej6-rkdq
3
url VCID-g4df-vh2e-abch
vulnerability_id VCID-g4df-vh2e-abch
summary Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33609
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.00747
published_at 2026-04-24T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00793
published_at 2026-04-26T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00805
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33609
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33609
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33609
2
reference_url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html
reference_id powerdns-advisory-powerdns-2026-05.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:26:43Z/
url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html
fixed_packages
0
url pkg:deb/debian/pdns@4.9.7-1
purl pkg:deb/debian/pdns@4.9.7-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.9.7-1
aliases CVE-2026-33609
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g4df-vh2e-abch
4
url VCID-pfhu-1qdf-p7d5
vulnerability_id VCID-pfhu-1qdf-p7d5
summary An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33260
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01614
published_at 2026-04-29T12:55:00Z
1
value 9e-05
scoring_system epss
scoring_elements 0.00988
published_at 2026-04-24T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.00992
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33260
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33260
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html
reference_id powerdns-advisory-2026-05.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:50Z/
url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2026-05.html
4
reference_url https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html
reference_id powerdns-advisory-for-dnsdist-2026-04.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:50Z/
url https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2026-04.html
5
reference_url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html
reference_id powerdns-advisory-powerdns-2026-03.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-22T17:54:50Z/
url https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-powerdns-2026-03.html
fixed_packages
0
url pkg:deb/debian/pdns@4.9.7-1
purl pkg:deb/debian/pdns@4.9.7-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.9.7-1
aliases CVE-2026-33260
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pfhu-1qdf-p7d5
5
url VCID-xa6z-cw1x-7qba
vulnerability_id VCID-xa6z-cw1x-7qba
summary A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33610
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03551
published_at 2026-04-24T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04027
published_at 2026-04-26T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05501
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33610
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33610
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33610
2
reference_url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html
reference_id powerdns-advisory-powerdns-2026-05.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-22T14:25:29Z/
url https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-powerdns-2026-05.html
fixed_packages
0
url pkg:deb/debian/pdns@4.9.7-1
purl pkg:deb/debian/pdns@4.9.7-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.9.7-1
aliases CVE-2026-33610
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xa6z-cw1x-7qba
Fixing_vulnerabilities
0
url VCID-7dc3-qdk8-k7b2
vulnerability_id VCID-7dc3-qdk8-k7b2
summary In PowerDNS Authoritative Server before 4.4.3, 4.5.x before 4.5.4, and 4.6.x before 4.6.1 and PowerDNS Recursor before 4.4.8, 4.5.x before 4.5.8, and 4.6.x before 4.6.1, insufficient validation of an IXFR end condition causes incomplete zone transfers to be handled as successful transfers.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-27227
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07439
published_at 2026-04-29T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07522
published_at 2026-04-21T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07482
published_at 2026-04-24T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07471
published_at 2026-04-26T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07406
published_at 2026-04-16T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07449
published_at 2026-04-04T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.0743
published_at 2026-04-07T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07487
published_at 2026-04-08T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.0751
published_at 2026-04-11T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07496
published_at 2026-04-12T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07484
published_at 2026-04-13T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07393
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-27227
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27227
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-2655
reference_id AVG-2655
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2655
4
reference_url https://security.archlinux.org/AVG-2656
reference_id AVG-2656
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2656
5
reference_url https://usn.ubuntu.com/7203-1/
reference_id USN-7203-1
reference_type
scores
url https://usn.ubuntu.com/7203-1/
fixed_packages
0
url pkg:deb/debian/pdns@4.7.3-2
purl pkg:deb/debian/pdns@4.7.3-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6pjd-r9ca-rbgg
1
vulnerability VCID-6uz8-kz5m-8ya9
2
vulnerability VCID-chzq-qej6-rkdq
3
vulnerability VCID-g4df-vh2e-abch
4
vulnerability VCID-pfhu-1qdf-p7d5
5
vulnerability VCID-xa6z-cw1x-7qba
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.7.3-2
aliases CVE-2022-27227
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7dc3-qdk8-k7b2
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/pdns@4.7.3-2