Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ggyq-3ku3-gfdy
Summaryunbound: Unbound DNSSEC Validator Use-After-Free via Deep Copy Pointer Overwrite Leading to DoS and Possible Remote Code Execution
Aliases
0
alias CVE-2026-33278
Fixed_packages
0
url pkg:apk/alpine/unbound@1.25.1-r0?arch=aarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=aarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=aarch64&distroversion=edge&reponame=main
1
url pkg:apk/alpine/unbound@1.25.1-r0?arch=armhf&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=armhf&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=armhf&distroversion=edge&reponame=main
2
url pkg:apk/alpine/unbound@1.25.1-r0?arch=armv7&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=armv7&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=armv7&distroversion=edge&reponame=main
3
url pkg:apk/alpine/unbound@1.25.1-r0?arch=loongarch64&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=loongarch64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=loongarch64&distroversion=edge&reponame=main
4
url pkg:apk/alpine/unbound@1.25.1-r0?arch=ppc64le&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=ppc64le&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=ppc64le&distroversion=edge&reponame=main
5
url pkg:apk/alpine/unbound@1.25.1-r0?arch=riscv64&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=riscv64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=riscv64&distroversion=edge&reponame=main
6
url pkg:apk/alpine/unbound@1.25.1-r0?arch=s390x&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=s390x&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=s390x&distroversion=edge&reponame=main
7
url pkg:apk/alpine/unbound@1.25.1-r0?arch=x86&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=x86&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=x86&distroversion=edge&reponame=main
8
url pkg:apk/alpine/unbound@1.25.1-r0?arch=x86_64&distroversion=edge&reponame=main
purl pkg:apk/alpine/unbound@1.25.1-r0?arch=x86_64&distroversion=edge&reponame=main
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/unbound@1.25.1-r0%3Farch=x86_64&distroversion=edge&reponame=main
9
url pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u2
purl pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u2
10
url pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u2%3Fdistro=trixie
11
url pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/unbound@1.22.0-2%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.22.0-2%252Bdeb13u3%3Fdistro=trixie
12
url pkg:deb/debian/unbound@1.25.1-1?distro=trixie
purl pkg:deb/debian/unbound@1.25.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.25.1-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2
purl pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2rn3-kr78-bfg7
1
vulnerability VCID-6dbt-vz18-fyek
2
vulnerability VCID-7ua4-z1h1-xbby
3
vulnerability VCID-8851-5xut-hucs
4
vulnerability VCID-9d9q-m22w-87hy
5
vulnerability VCID-dcb8-bxta-byf1
6
vulnerability VCID-eqne-qa15-bqct
7
vulnerability VCID-ggyq-3ku3-gfdy
8
vulnerability VCID-pynm-9z6w-8bdt
9
vulnerability VCID-qrut-qgea-3ybe
10
vulnerability VCID-sw37-aus2-q3c8
11
vulnerability VCID-vqsr-12v9-93hs
12
vulnerability VCID-w6va-yuxt-2bg4
13
vulnerability VCID-wns8-fkez-tuhz
14
vulnerability VCID-x25c-qeg2-87ab
15
vulnerability VCID-z2v8-7acb-xqde
16
vulnerability VCID-zrt2-xyka-s7cc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2
1
url pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/unbound@1.13.1-1%2Bdeb11u2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6dbt-vz18-fyek
1
vulnerability VCID-8851-5xut-hucs
2
vulnerability VCID-dcb8-bxta-byf1
3
vulnerability VCID-ggyq-3ku3-gfdy
4
vulnerability VCID-pynm-9z6w-8bdt
5
vulnerability VCID-qrut-qgea-3ybe
6
vulnerability VCID-vqsr-12v9-93hs
7
vulnerability VCID-w6va-yuxt-2bg4
8
vulnerability VCID-wns8-fkez-tuhz
9
vulnerability VCID-x25c-qeg2-87ab
10
vulnerability VCID-z2v8-7acb-xqde
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.13.1-1%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4
purl pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6dbt-vz18-fyek
1
vulnerability VCID-8851-5xut-hucs
2
vulnerability VCID-dcb8-bxta-byf1
3
vulnerability VCID-ggyq-3ku3-gfdy
4
vulnerability VCID-pynm-9z6w-8bdt
5
vulnerability VCID-qrut-qgea-3ybe
6
vulnerability VCID-vqsr-12v9-93hs
7
vulnerability VCID-w6va-yuxt-2bg4
8
vulnerability VCID-wns8-fkez-tuhz
9
vulnerability VCID-x25c-qeg2-87ab
10
vulnerability VCID-z2v8-7acb-xqde
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4
3
url pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie
purl pkg:deb/debian/unbound@1.17.1-2%2Bdeb12u4?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6dbt-vz18-fyek
1
vulnerability VCID-8851-5xut-hucs
2
vulnerability VCID-dcb8-bxta-byf1
3
vulnerability VCID-ggyq-3ku3-gfdy
4
vulnerability VCID-pynm-9z6w-8bdt
5
vulnerability VCID-qrut-qgea-3ybe
6
vulnerability VCID-vqsr-12v9-93hs
7
vulnerability VCID-w6va-yuxt-2bg4
8
vulnerability VCID-wns8-fkez-tuhz
9
vulnerability VCID-x25c-qeg2-87ab
10
vulnerability VCID-z2v8-7acb-xqde
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/unbound@1.17.1-2%252Bdeb12u4%3Fdistro=trixie
4
url pkg:rpm/redhat/unbound@1.24.2-3.el9_8?arch=1
purl pkg:rpm/redhat/unbound@1.24.2-3.el9_8?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8851-5xut-hucs
1
vulnerability VCID-ggyq-3ku3-gfdy
2
vulnerability VCID-wns8-fkez-tuhz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/unbound@1.24.2-3.el9_8%3Farch=1
5
url pkg:rpm/redhat/unbound@1.24.2-7.el10_2?arch=1
purl pkg:rpm/redhat/unbound@1.24.2-7.el10_2?arch=1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8851-5xut-hucs
1
vulnerability VCID-ggyq-3ku3-gfdy
2
vulnerability VCID-wns8-fkez-tuhz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/unbound@1.24.2-7.el10_2%3Farch=1
6
url pkg:rpm/redhat/unbound-main@1.25.1-0.1?arch=hum1
purl pkg:rpm/redhat/unbound-main@1.25.1-0.1?arch=hum1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8851-5xut-hucs
1
vulnerability VCID-ggyq-3ku3-gfdy
2
vulnerability VCID-vqsr-12v9-93hs
3
vulnerability VCID-wns8-fkez-tuhz
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/unbound-main@1.25.1-0.1%3Farch=hum1
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33278.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33278.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33278
reference_id
reference_type
scores
0
value 0.00322
scoring_system epss
scoring_elements 0.55525
published_at 2026-06-09T12:55:00Z
1
value 0.00322
scoring_system epss
scoring_elements 0.55538
published_at 2026-06-06T12:55:00Z
2
value 0.00322
scoring_system epss
scoring_elements 0.55526
published_at 2026-06-07T12:55:00Z
3
value 0.00322
scoring_system epss
scoring_elements 0.55507
published_at 2026-06-08T12:55:00Z
4
value 0.00322
scoring_system epss
scoring_elements 0.55532
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33278
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33278
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33278
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137187
reference_id 1137187
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1137187
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2479808
reference_id 2479808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2479808
6
reference_url https://www.nlnetlabs.nl/downloads/unbound/CVE-2026-33278.txt
reference_id CVE-2026-33278.txt
reference_type
scores
0
value 9.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Red
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-20T12:13:01Z/
url https://www.nlnetlabs.nl/downloads/unbound/CVE-2026-33278.txt
7
reference_url https://access.redhat.com/errata/RHSA-2026:19752
reference_id RHSA-2026:19752
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19752
8
reference_url https://access.redhat.com/errata/RHSA-2026:23231
reference_id RHSA-2026:23231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:23231
9
reference_url https://access.redhat.com/errata/RHSA-2026:24369
reference_id RHSA-2026:24369
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:24369
10
reference_url https://usn.ubuntu.com/8282-1/
reference_id USN-8282-1
reference_type
scores
url https://usn.ubuntu.com/8282-1/
Weaknesses
0
cwe_id 416
name Use After Free
description Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
1
cwe_id 672
name Operation on a Resource after Expiration or Release
description The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
Exploits
Severity_range_score8.1 - 9.1
Exploitability0.5
Weighted_severity7.3
Risk_score3.6
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ggyq-3ku3-gfdy